Ask Your Question
1

Swift/Keystone authentication failure [closed]

asked 2013-06-25 04:27:22 -0500

Dady gravatar image

updated 2013-06-28 10:37:12 -0500

smaffulli gravatar image

Hi guys,

I'm trying to install Swift from this Guide when verifying the installation with swift -V 2.0 -A http://127.0.0.1:8888/v2.0 -U swift:swift -K swift stat i get : Unauthorised. Check username, password and tenant name/id

When i try with the port : 35357 mentioned in the proxy-server i get : Authorization Failure. Authorization Failed: [Errno 111] Connection refused

I don't know what the reason could be, the paramaters are the same in the proxy-server.conf http://pastebin.ubuntu.com/5797979/

Also when i try with : keystone --os-username=swift --os-password=swift --os-auth-url=http://127.0.0.1:8888/v2.0 token-get i get :

This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser does not understand how to supply the credentials required.

Ps: i didn't do any additional configuration to Kesytone, should i do something after the installation ? i want just use it with Swift.

Thank you

edit retag flag offensive reopen merge delete

Closed for the following reason the question is answered, right answer was accepted by koolhead17
close date 2013-11-11 04:21:31.456327

2 answers

Sort by ยป oldest newest most voted
3

answered 2013-06-28 15:07:21 -0500

sgordon gravatar image

updated 2013-09-24 18:14:29 -0500

smaffulli gravatar image

It looks like the guide skipped/omitted creation of the Swift user and endpoint, assuming you have Keystone installed you can create the required entries like so [1]:

Set up the shell to access Keystone as the admin user:

 $ source ~/keystonerc_admin

Check if there is a services tenant:

$ keystone tenant-list

If not, create one:

$ keystone tenant-create --name services

Create a Swift user and set its password by replacing PASSWORD with your chosen password:

$ keystone user-create --name swift --pass PASSWORD

Get the uuid of the admin role:

$ keystone role-list | grep admin

If no admin role exists, create one:

$ keystone role-create --name admin

Add the Swift user to the service tenant with the admin role:

$ keystone user-role-add --role-id <roleid> --tenant-id <tenantid> --user-id <userid>

Create swift as an endpoint in Keystone:

$ keystone service-list

If the object-store service does not already exist, create one:

$ keystone service-create --name swift --type object-store \
                          --description "Swift Storage Service"
$ keystone endpoint-create --service_id <serviceid> \
  --publicurl "http://IP:8080/v1/AUTH_\$(tenant_id)s" \
  --adminurl "http://IP:8080/v1" \
  --internalurl "http://IP:8080/v1/AUTH_\$(tenant_id)s"

Replace IP with the IP address of your Swift proxy.

edit flag offensive delete link more

Comments

I created the service+user and I can get the user list and token id. But when I try to test with `swift -V 2.0 -A http://<auth_hostname>:5000/v2.0 -U demo:admin -K $ADMINPASS stat` I get `Account HEAD failed: http://127.0.0.1:8888/v1/AUTH_91bd28fe2bf84283ab4675b5ef4d9f42 503 Internal Server Error`

Dady gravatar imageDady ( 2013-07-03 07:09:29 -0500 )edit

You should still be able to find some logs for Swift under /var/log/, I would also check the Keystone log in /var/log/keystone/keystone.log

sgordon gravatar imagesgordon ( 2013-07-03 12:13:53 -0500 )edit
0

answered 2013-11-11 04:21:11 -0500

koolhead17 gravatar image

Closing this question as @sgordon answered it providing the missing configs.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

Stats

Asked: 2013-06-25 04:27:22 -0500

Seen: 7,576 times

Last updated: Nov 11 '13